Blockchain Overwatch

ABSTRACT

Various embodiments of the present technology provide a distributed overwatch system that allows transactions with government-grade privacy and security. The security and privacy can be achieved by a combination of distributed trusted proxies, to which anonymous users connect with the overwatch of a variety of network security engines. The structured ecosystem provides mechanism for the blockchain to be monitored by an overwatch capability combining big data analytics, intelligent learning, and comprehensive vulnerability assessment to ensure any risks introduced by vulnerabilities are effectively mitigated. The system may include multiple proxy servers geographically distributed around the world. Each proxy can be associated with local network security engines to probe and analyze network traffic. Each proxy can mask sensitive data (e.g., personally identifiable information) within the transaction before it is stored. Various embodiments can interface with most blockchain or distributed ledger technologies that support multi-signature transactions and/or smart contracts.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a divisional of U.S. patent application Ser. No.16/436,820 filed Jun. 10, 2019; which claims priority to U.S.Provisional Patent Application No. 62/682,533 filed Jun. 8, 2018, bothof which are incorporated herein by reference in its entirety for allpurposes.

TECHNICAL FIELD

Various embodiments of the present technology generally relate toblockchain privacy and security. More specifically, the embodiments ofthe present technology relate to a blockchain overwatch system thatprovides secure communications, ensures privacy, and actively monitorstransactions to identify various security threats.

BACKGROUND

Blockchains allow a network of users to make a distributed ledger ofdata and share the data among the other users or nodes in the network.Unlike traditional database structures, the blockchain ledger ismaintained by a multitude of independent nodes spread across a largedistributed network. When a transaction is recorded into a block withinthe blockchain, it is very difficult, if not impossible, to change orremove that data since the data is stored in more than one node in thedistributed network. Each of these blocks typically includes acryptographic hash of the previous block, a timestamp, and thetransaction data. Moreover, any data added into the blockchain requiresa consensus (e.g., a majority) of nodes to agree to the addition. Thisdistribution of control to modify from the blockchain creates a trustedimmutable ledger recording transactions or data.

Public blockchains have no restrictions and anyone with a connection tothe network may be able to review entries within the blockchain orrequest new transactions or data be added. Other types of blockchainsinclude private and hybrid (e.g., a combination of public and private)configurations. However, each node typically has access to thetransactions recorded making privacy and anonymity difficult to ensure.In addition, the security of the data becomes important as additionalinformation is stored within each block. As such, there are a number ofchallenges and inefficiencies created in traditional blockchain systems.

SUMMARY

Various embodiments of the present technology generally relate toblockchain privacy and security. More specifically, the embodiments ofthe present technology relate to a blockchain overwatch system thatprovides secure communications, ensures privacy, and actively monitorstransactions to identify various security threats. In some embodiments,a method can include receiving, at a proxy, a transaction from a firstendpoint within multiple endpoints associated with the proxy. Thetransaction can include transaction data with a request to add thetransaction to a distributed ledger system. The transaction data mayalso include personally identifiable information. The method can maskthe personally identifiable information using a private key. A blockproducer can be randomly selected to verify the transaction. Thetransaction can be routed to the randomly selected block producer forvalidation.

Embodiments of the present technology also include computer-readablestorage media containing sets of instructions to cause one or moreprocessors to perform the methods, variations of the methods, and otheroperations described herein.

While multiple embodiments are disclosed, still other embodiments of thepresent technology will become apparent to those skilled in the art fromthe following detailed description, which shows and describesillustrative embodiments of the technology. As will be realized, thetechnology is capable of modifications in various aspects, all withoutdeparting from the scope of the present technology. Accordingly, thedrawings and detailed description are to be regarded as illustrative innature and not restrictive.

BRIEF DESCRIPTION OF THE DRAWINGS

Embodiments of the present technology will be described and explainedthrough the use of the accompanying drawings.

FIG. 1 illustrates an example of an environment in which someembodiments of the present technology may be utilized.

FIG. 2 illustrates an example of proxy server assigned to a proxy groupand a local overwatch agent for threat assessment.

FIG. 3 is a flowchart illustrating an example of a set of operations foroperating a proxy server in accordance with some embodiments of thepresent technology.

FIG. 4 illustrates an example of a set of components within an overwatchagent according to one or more embodiments of the present technology.

FIG. 5 is a sequence diagram illustrating an example of the data flowbetween various components of a secured system according to variousembodiments of the present technology.

FIG. 6 illustrates an example of a multi-signature token transferbetween anonymous users in accordance with some embodiments of thepresent technology.

FIG. 7 is a flowchart illustrating an example of a set of operations forusing a consensus algorithm that takes into account policy ratings whendetermining whether to add content to the blockchain in accordance withone or more embodiments of the present technology.

FIG. 8 is a flowchart illustrating an example of a set of operations fordetermining whether to add content to the blockchain in accordance withone or more embodiments of the present technology.

FIG. 9 illustrates an example of the various layers of a blockchainsystem that may be used in accordance with various embodiments of thepresent technology.

FIG. 10 illustrates an example of various decentralized applicationsthat may be used in some embodiments of the present technology.

FIG. 11 is an example of a computer systemization that may be used invarious embodiments of the present technology.

The drawings have not necessarily been drawn to scale. Similarly, somecomponents and/or operations may be separated into different blocks orcombined into a single block for the purposes of discussion of some ofthe embodiments of the present technology. Moreover, while thetechnology is amenable to various modifications and alternative forms,specific embodiments have been shown by way of example in the drawingsand are described in detail below. The intention, however, is not tolimit the technology to the particular embodiments described. On thecontrary, the technology is intended to cover all modifications,equivalents, and alternatives falling within the scope of the technologyas defined by the appended claims.

DETAILED DESCRIPTION

Various embodiments of the present technology generally relate toblockchain privacy and security. More specifically, the embodiments ofthe present technology relate to a blockchain overwatch system thatprovides secure communications, ensures privacy, and actively monitorstransactions to identify various security threats. The currentblockchain ecosystems (e.g., blockchain 1.0 and 2.0) lack real privacyand overall security. Moreover, many of the original cryptocurrencysystems using blockchains were centralized in a manner that presented avariety of security and scalability issues. The next generation ofblockchain ecosystems used a distributed architecture that created theuse of delegates (e.g., block providers) to act on these actions andhelp geographically distribute them, allowing the transactions to movecloser to the endpoint of the user. This structure has opened upsecurity issues. In addition, current blockchain technology provides forcomplete transparency of every transaction, as the ledger has every bitof transaction information stored thereon.

In contrast, various embodiments of the present technology provide for adistributed overwatch system that allows transactions withgovernment-grade privacy and security. This level of security andprivacy can be achieved by a combination of distributed trusted proxies,to which anonymous users connect with the overwatch of a variety ofnetwork security engines. The structured ecosystem provides mechanismfor the blockchain to be monitored by an overwatch capability combiningbig data analytics, intelligent learning, and comprehensivevulnerability assessment to ensure any risks introduced byvulnerabilities are effectively mitigated. The system may includemultiple proxy servers geographically distributed around the world. Eachproxy can be associated with local network security engines to probe andanalyze network traffic. Each proxy can mask sensitive data (e.g.,personally identifiable information) within the transaction before it isstored. Various embodiments can interface with most blockchain ordistributed ledger technologies (e.g., Bitcoin, Ethereum, etc.) thatsupport multi-signature transactions and/or smart contracts.

Various embodiments of the present technology provide for a wide rangeof technical effects, advantages, and/or improvements to computingsystems and components within blockchain or distributed ledger systems.For example, various embodiments include one or more of the followingtechnical effects, advantages, and/or improvements: 1) intelligenttapping of network traffic and its meta-data; 2) integration of machinelearning to analyze tapped network traffic to identify threat vectorsand/or traffic outliers; 3) automatic updating of threat analysis rulesusing unsupervised learning; 4) use of proxy servers to mask thepersonally identifying information (e.g., by encryption and masking); 5)randomization of communications between system components (e.g., proxyservers and block producers) to create a more secure communicationstructure (e.g., by deterring man-in-the-middle attack); 6) use ofunconventional and non-routine computer operations to establish a securecommunication channel between parties of a (potential) transaction whichcan be automatically analyzed (e.g., using machine learning) to ensurecompliance with governmental regulations, terms of use, or otherrestrictions; 7) use of unconventional and non-routine computeroperations to provide a distributed learning system that can efficientlyanalyze tapped data without requiring all the data be sent to acentralized location; 8) changing the manner in which transactions andcommunications are processed between client devices and blockchainledgers; 9) integration of a robust security and privacy paradigm intoany existing blockchain system; 10) aggressive threat detection withinthe blockchain infrastructure; 11) analysis of traffic at line-speed;12) continuous learning via post-data analysis; 13) seamless integrationwith the communications technology to become network aware; 14) use ofnon-human game theory and capability that creates an autonomousconsensus model inside the machine learning agents and system itself;15) inclusion of blockchain transactional data; and/or 16) colorationsbetween tapped network meta-data and the blockchain transactional data.

In the following description, for the purposes of explanation, numerousspecific details are set forth in order to provide a thoroughunderstanding of embodiments of the present technology. It will beapparent, however, to one skilled in the art that embodiments of thepresent technology may be practiced without some of these specificdetails. The techniques introduced here can be embodied asspecial-purpose hardware (e.g., circuitry), as programmable circuitryappropriately programmed with software and/or firmware, or as acombination of special-purpose and programmable circuitry. Hence,embodiments may include a machine-readable medium having stored thereoninstructions which may be used to program a computer (or otherelectronic devices) to perform a process. The machine-readable mediummay include, but is not limited to, floppy diskettes, optical disks,compact disc read-only memories (CD-ROMs), magneto-optical disks, ROMs,random access memories (RAMs), erasable programmable read-only memories(EPROMs), electrically erasable programmable read-only memories(EEPROMs), magnetic or optical cards, flash memory, or other type ofmedia/machine-readable medium suitable for storing electronicinstructions.

The phrases “in some embodiments,” “according to some embodiments,” “inthe embodiments shown,” “in other embodiments,” and the like generallymean the particular feature, structure, or characteristic following thephrase is included in at least one implementation of the presenttechnology and may be included in more than one implementation. Inaddition, such phrases do not necessarily refer to the same embodimentsor different embodiments.

FIG. 1 illustrates an example of an environment 100 in which someembodiments of the present technology may be utilized. As illustrated inFIG. 1, environment 100 may include one or more electronic devices110A-110N (such as a mobile phone, tablet computer, laptop, computer,mobile media device, vehicle-based computer, wearable computing device,etc.), anonymous network 120, blockchain network 130, proxy servers140A-140N, and block producers 150A-150N. As illustrated in FIG. 1, adistributed overwatch system can be used to support blockchaintransactions with government-grade privacy and security. This level ofsecurity and privacy can be achieved by a combination of distributedtrusted proxies 140A-140N, to which anonymous users or endpoints110A-110N connect. As shown in more detail in FIG. 2, the structuredecosystem provides mechanism for the blockchain to be monitored by anoverwatch capability combining big data analytics, intelligent learning,and comprehensive vulnerability assessment to ensure any risksintroduced by vulnerabilities are effectively mitigated.

In addition, electronic devices 110A-110N can include networkcommunication components that enable the mobile devices to communicatewith proxy servers 140A-140N by transmitting and receiving wirelesssignals using licensed, semi-licensed, or unlicensed spectrum overcommunications network 120. In some cases, anonymous networks 120 and/orblockchain networks 130 may be comprised of multiple networks, evenmultiple heterogeneous networks, such as one or more border networks,voice networks, broadband networks, service provider networks, InternetService Provider (ISP) networks, and/or Public Switched TelephoneNetworks (PSTNs) interconnected via gateways operable to facilitatecommunications between and among the various networks. Anonymousnetworks 120 and/or blockchain networks 130 can also include third-partycommunications networks such as a Global System for Mobile (GSM) mobilecommunications network, a code/time division multiple access (CDMA/TDMA)mobile communications network, a 3^(rd), 4^(th), or 5^(th) generation(3G/4G/5G) mobile communications network (e.g., General Packet RadioService (GPRS/EGPRS)), Enhanced Data rates for GSM Evolution (EDGE),Universal Mobile Telecommunications System (UMTS), Long Term Evolution(LTE) network), or other communications network.

The multiple proxy servers 140A-140N may be geographically distributedaround the world. Each proxy server 140A-140N can be associated withlocal network security engines (not shown in FIG. 1) to probe andanalyze network traffic. These security engines may be integrated intoproxy servers 140A-140N or be physically separated from proxy servers140A-140N. Each proxy server 140A-140N can mask sensitive data (e.g.,personally identifiable information) within the transaction before thetransaction is recorded on the blockchain.

Each node proxy server 140A-140N can serve the role of a gateway,masking any number of anonymous clients while appearing as a normal useron the blockchain network. The proxy's users can be hidden in ananonymous network and receive copies of blockchain traffic destined tothe user's associated ledger identity. In accordance with variousembodiments, this can be done via an internal anonymous messagingsystem. The internal messaging system can allow a user to securely andanonymously interact with the blockchain, as well as other users withintheir own proxy group, or within other proxy groups. The messagingsystem can be based on proven high-security messaging technologyproviding Off-The-Record (OTR) privacy and anonymity. Off-the-RecordMessaging (OTR) is an example of a cryptographic protocol that providesencryption for instant messaging conversations that may be used in someembodiments.

In addition to authentication and encryption, OTR can provide deniableauthentication for the conversation participants while keepingconversations confidential, like a private conversation in real life or“off the record” in journalism sourcing. The distribution of normalmessages (e.g., not payments) can be facilitated by the blockchain ordistributed by the proxies (“off-chain”). Off-chain messages must stillbe copied to all of the proxy's local clients to maintain anonymity.Since the messages do not reveal source and destination information, andsince these are only accessed off-the-wire, it is not possible todetermine who received what from whom.

Messages sent from a proxy client to the proxy itself (e.g., paymentinstructions) may also be distributed to the rest of the proxy members.This broadcast distribution makes it infeasible to determine whetherthey are proxy instructions or just messages to other clients in theproxy's anonymous network. Each message can include a sub-messagemarker, which can only be decrypted by the intended recipient, used todetermine the intended recipient. The marker may also contain thenecessary public keys required to decrypt the main message. As such, insome embodiments, the anonymous users test each message copied to themby the proxy to determine whether the message is destined for them. Asingle Elliptic Curve Diffie-Hellman (ECDH) computation may besufficient to make such a determination. Thereafter, the source userpublic key can be extracted, and the rest of the message decrypted.

Unlike other anonymous blockchains, users within an anonymous group donot have to process the messages and transactions of all other proxygroups (i.e., the system is scalable). Scalability is achieved throughthe use of multiple proxies (e.g., no limit). Each proxy and associateduser only have to deal with messages related to their group. Otheranonymous blockchain architectures rely on users keeping track of alltransactions and some require heavier computations. Some embodiments mayuse multiple proxies with varying numbers of users. Proxies with largeuser groups will be more suitable for low traffic applications andgeneral payments, while other smaller groups will be more suitable forhigher traffic applications.

As illustrated in FIG. 1, the illustrated ecosystem can also supportregular users (e.g., normal user using electronic device 110N) who aremore worried about content security and performance, rather thancomplete anonymity. These users can operate just like normal EOSIO usersbut will have the benefit of strong cryptography and a more secureinfrastructure.

In some embodiments, users may initially communicate their public keysto each other via any out-of-band channel. Later on, this may include ablockchain database where public keys can be looked-up using an index.The index would have to be communicated out-of-band, but users that knoweach other will already have an out-of-band communications system.Commercial web servers that subscribe to an anonymous payment system mayadvertise their public key on their website (which can change fromtime-to-time). Only the sender needs to know the destination public key,as the recipient will learn the sender's public key from the decryptedmessage. Hereafter, parties can securely exchange new public keys asoften as they like using the anonymous messaging system. Since variousembodiments do not impose a centralized Public Key Infrastructure (PKI),users may be required to confirm their public keys by out-of-band means,or by including something in the message that is recognizable by therecipient as past shared knowledge.

In any electronic communication system, you need to provide some form ofpersonal identifier out-of-band. The advantage of the personalidentifier being a public key is that users are getting the informationmore directly, rather than using a Unique Identifier (UID) to look itup. The issue of establishing initial trust is an intractable problem inall secure communication systems. Some embodiments may rely on morecomplicated techniques for securing the process. A useful method ofconfirming information out-of-band is to convey the information on asecure voice call.

FIG. 2 illustrates an example of proxy server 210 assigned to a proxygroup 220 and a local overwatch agent 230 for threat assessment. Theoverwatch system 230 may be configured to assess both the blockchaintransaction and the end-user point-of-interaction with the blockchain.This may be beneficial because the vast majority of cyber-attacks onblockchain systems are aimed at “Blockchain Touch Points.” This is tosay the point at which an object outside of the blockchain coreinteracts with the blockchain and vice versa.

The overwatch monitoring system can provide relevant IT securitystandards and regulatory standards are ‘engineered in’ to enable theoverall network to measure its global security posture in near real-timethrough active assessments as opposed to passive log collection andcorrelation. This is a first for distributed ledger technology—theability to remediate vulnerabilities and weaknesses within hours of thembeing detected. As a result, the blockchain system is secured in a waythat is extremely unlikely to be compromised, even by a malicious stateactor.

Some embodiments can assess the network without intermission. Anyweaknesses that are detected will be escalated and funneled into apriority remediation queue. Once the weakness is remediated, thecomponent in question will undergo validation. Upon receivingconfirmation from the validation module, the overwatch agent can adjustthe risk posture/score of the network accordingly. The process, fromassessment to remediation, will generally not take more than 24 hoursfor critical security concerns. This level of solution-ingrainedsecurity and continued assessments, linked to remedial teams, coupledwith a 30-60% advantage as it relates to threat identification, willmake blockchains secured by the overwatch ecosystem the most securityconscious blockchain.

In accordance with some embodiments, the overwatch agent can run out ofband relative to the blockchain. This can be accomplished by creating atap (e.g., an inline tap, a passive tap, etc.) on proxy 210 to gainaccess to the network traffic. As a result, downtime of the overwatchagent 230 has no effect on the normal operation of the blockchain andthe physical deployment is distributed between a number of geographiclocations based on capacity requirements and provides fail-over betweennodes if one instance goes offline.

In addition, this information together with the total result set fromthe assessment will be fed into a predictive analysis engine acrossmultiple elements (e.g., 1000+ elements) to baseline, detect, andpredict advanced threats. Further, some embodiments of the overwatchagent 230 may provide continuous feedback and recommendations on newlydetected network anomalies and threat vectors. Some embodiments maydeploy machine learning agents like the aforementioned distributedmeta-miners to constantly assess, mitigate, respond, neutralize, andoptimize the ecosystem. Machine learning technology may be built intothe overwatch agent 230 and assist in refining the quality ofgovernance. One objective is to enable secure and private transactionswhile continually detecting and blocking the activities of bad actors onthe ecosystem.

The combination of advanced threat detection with machine learning haskey advantages: 1) aggressive threat detection within the blockchaininfrastructure; 2) analysis of traffic at line-speed; 3) continuouslearning via post-data analysis; 4) seamless integration with thecommunications technology to become network aware; and/or 5) non-humangame theory and capability that creates an autonomous consensus modelinside the machine learning agents and system itself.

Probes or minors can be used in various embodiments to tap the networktraffic. The probes or minors can sit at strategic locations ininfrastructure. For example, 10 Gb/sec tapping rates may be realizedusing different technologies (e.g., Napa Tech Cards). A software packagemay be used as a deep package inspector. The overwatch agent can analyzethe traffic (e.g., packages and payloads of the data). Some embodimentsuse a rule engine that can set locations and rules across minors. Forexample, a rule may be set such that any suspicious activity moving fromengineering endpoint to an accounting endpoint creates an action (e.g.,analyzed deeper, generates a flag, etc.).

Some embodiments may use concentrators to generate an aggregated report,or send alerts, and/or other activity from the miners. In someembodiments, the analysis can be performed locally on the miners andthat analysis can then be aggregated remotely. Those that wereaggregators are sent to the concentrators, which then process thenecessary analytics, like alerts and rules, and push rules back to theminers. To apply the rules to the data of the miners, certain patternsor data transactions can be identified and machine learning can beapplied to that flow.

The overwatch agent 230 may identify baselines of the network and thenmonitor for outliers or anomalies which, in view of the rules, can beused to understand and identify threat vectors. As such, the overwatchagent 230 will become smarter and more effective at identifying threatsas time goes on. Some embodiments may use supervised learning.

In some embodiments, the overwatch agent 230 may also receive metadatafrom the block producers. For example, the metadata could includevarious data from layer 3, 4 and layer 7 such as IP address, MACaddress, application data, etc. This additional data could be used bythe overwatch agent to improve graphs of transactions, geolocation, andtime series analysis.

FIG. 3 is a flowchart illustrating a set of operations 300 forprocessing a transaction in accordance with some embodiments of thepresent technology. The operations illustrated in FIG. 3 can beperformed by electronic devices 110A-110N, proxy servers 140A-140N,block producers, and/or one or more components (e.g., processor(s)),engines, and/or modules. As illustrated in FIG. 3, electronic devicescan transmit messages with transaction or communication data to one ormore proxies during transmission operation 310. In some embodiments, thedevices may randomly select a fixed number (e.g., ten) of proxies. Inother embodiments, the devices may send the messages to a fixed set ofproxies (which could be changed intermittently, periodically, or on someschedule).

As the messages are received at each proxy, each proxy will determinewhether the message was intended for that proxy during determinationoperation 320. This could be done, for example, by associating groups ofdevices with each proxy. When a proxy determines that the device was notin the proxy group, then determination operation 320 can branch todisregard operation 330 where the message is ignored or discarded. Whena proxy determines that the device was in the proxy group, thendetermination operation 320 can branch to anonymize operation 340 whereinformation within the transaction can be anonymized.

Anonymization operation 340 can mask or hide some parts of informationwithin the transaction data or communication. For example, the proxyserver may mask some parts of that component. As a result, theblockchain or distributed ledger will not get a name or social securitynumber, for example, but there will be a place where that information isheld and secured. Some embodiments may encrypt portions of the data onthe ledger that parties do not want people to be able to be accessedeasily, and a key can be stored in the proxy as a key vault. There mayalso be public keys to start the authentication and private keys thatwill never see the light of day and need to be protected because thosekeys unlock the encrypted data on the blockchain.

Selection operation 350 can randomly select a block producer to send thetransaction to for validation. Once the block producer is identified,routing operation 360 can route the masked transaction to the blockproducer for validation using validation operation 370 to determinewhether the transaction can be added to the blockchain or ledger. Insome embodiments, validation operation 370 may use a consensus model tovalidate the transaction (e.g., checking whether the end points arevalid, the information coming in is valid, required number of parties,required number of contracts, etc.).

By transmitting the message from the device to multiple proxies andrandomly selecting which block producer a transaction gets routed to,interception of traffic becomes more difficult because there is nopattern from one transaction to the next. Moreover, from the perspectiveof a third party looking in, the third party should not be able tofigure out traffic between the proxy, client, and block because thecommunications are random.

FIG. 4 illustrates a set of components within an overwatch agentaccording to one or more embodiments of the present technology. As shownin FIG. 4, overwatch agent 400 may include an ingestion interface, amonitoring system, a machine learning system, and an alert system. Whilenot illustrated in FIG. 4, additional components may be present.Examples of these components include, but are not limited to, memory(e.g., volatile memory and/or nonvolatile memory), processor(s) forexecuting processing instructions, and operating systems, data storagecomponents (e.g., hard drive, flash memory, memory card, etc.), inputand/or output interfaces, and/or the like.

Network traffic can be routed through ingestion interface 405 andconsumed by components of the monitoring system (e.g., real-timedetection module 410 and/or off-line detection module 415). Over time,machine learning system can create baseline models of the networktraffic which can be used to classify various threats. As illustrated inFIG. 4, pre-processing and parsing engine 425 can parse the traffic intoa desired format. Training engine 430 can use training data to identifya classification model which can be tested or validated using testingengine 440. Then, prediction engine 450 can be used to classify traffic(e.g., a threat or as safe). The network model can be stored in modeldata database 455 and any identified threat vectors can be stored indatabase 460. The alert system can include communication interface 465to transmit any recommendations generated by recommendation engine 470.

FIG. 5 is a sequence diagram illustrating an example of the data flowbetween various components of a secured system according to variousembodiments of the present technology. In the embodiments illustrated inFIG. 5, party device 510 can submit a transaction request. Thetransaction request can be routed to proxy 520 and transaction data canbe tapped and ingested by machine learning engine 530 and threatassessment engine 540. The transaction data can be analyzed by machinelearning engine 530, and any outliers or threat vectors can beidentified. If these outliers or threat vectors are new, machinelearning engine 530 can submit new rules to threat assessment engine540. Machine learning engine 530 may also receive network metadata(e.g., from layers 3 and 4). This additional information can be used insome embodiments to help identify outliers and new threat vectors.

Threat assessment engine 540 can be analyzing the transaction data toidentify any new threats. As threats are identified, a threat report canbe submitted to producers and proxy 520. If the threat assessment engine540 reports that no threats are present, then proxy 520 can submit themasked data to producers 550 where an entry can be added to the ledgerupon a consensus by multiple producers. A confirmation can be sent backto proxy 520 and party device 510.

FIG. 6 illustrates an example of a multi-signature token transferbetween anonymous users in accordance with one or more embodiments ofthe present technology. In accordance with various embodiments, paymentscan be made using the blockchain's transaction format or usingcontracts/tokens. Since the blockchain expects identifiable endpointsfor payments, the proxy gateway can be used as the visible paymentidentity while representing the users on its anonymous network. Paymentscan be signed by the proxy identity and its registered anonymous client(Multisig). Using the second signature, the anonymous users can directthe proxy to make payments on their behalf. This prevents the proxy fromspending the funds on its own. When transfers are made, the transferscan be made to a second contract with conditions set by the initialcontract owner. Thus, the second contract can only be fulfilled withthose conditions, and the conditions are sent to the target recipientvia the anonymous messaging system.

In addition, the anonymous users can direct the proxy to include othersignatories to the transaction. The other signatories may consist ofproxies and/or other anonymous users. In some embodiments, thetransactions can be configured to assign weightings to signatories aswell as logical AND/OR functionality. This decentralizes the proxies andallows users to fulfill their contracts via more than one proxy.

The token representation in FIG. 6 is notional and is only used toexplain the anonymous payment method that may be used in someembodiments. When Alice, owner of token A (FIG. 6), wishes to make apayment, she generates a one-time public/private key pair and stores thepublic key in a new token (token E).

Alice will send the private key, or information on how to derive theprivate key, immediately or later, to the token E beneficiary (Bob) in asecure anonymous message. Alice includes, in token E, Bob's proxy'spublic key, a hash of token A (including a reference to token A), andother token details such as the coin amount, contract conditions, andpossibly an encrypted message for Bob. Alice signs token E using theone-time private key that was sent anonymously to her by her previousbenefactor. The new token E information can now be sent to Alice's proxyin a secure, anonymous message.

Alice's proxy will then generate a hash of token A (referenced in thenew token E) and verify that it matches the hash Alice included in tokenE. Alice's proxy then verifies Alice's signature using the one-timepublic key from token A, and checks that token A's amount matches theamount in token E. If the signature and token amount are verified,Alice's proxy signs the new token E and forwards it to the blockproducer for inclusion in the ledger.

Double-spend checking can be done at the block producer level. Asmentioned above, the one-time private key may or may not be known to thepayer. In the case where it is known to the payer, the transaction canonly be reversed before the intended beneficiary transfers the amountinto another contract. The one-time public and private keys can begenerated normally, where both keys are known to the generating party,or they can be generated using stealth techniques, whereby thedestination private key cannot be determined by Alice. In the formercase, Alice has the option of reversing the payment and it can only befully owned by Bob through a second self-payment. In the latter case,instead of a private key, a stealth computation is added in the securemessage sent to the beneficiary. The stealth computation allows Bob tocompute the private key (unknown to Alice). Some embodiments may allowthe option of the beneficiary providing the “spend” public key.

If the transaction involves the exchange of electronic goods, then it ispossible to construct an atomic transaction, whereby a time delay isimposed and both parties to the transaction have to provide a signaturebefore the goods are released. This can also be done in an anonymousmanner since the transaction would require both users to apply theiranonymous, one-time key. In a variation of the example illustrated inFIG. 6, the previous owner's signature would just have to be appliedwithin the same time delay.

FIG. 7 is a flowchart 700 illustrating an example set of operations forusing a consensus algorithm that takes into account policy ratings whendetermining whether to add content to the blockchain in accordance withone or more embodiments of the present technology. As illustrated inFIG. 7, receiving operation 705 receives a request to add content to theblockchain. Before the content is added to the block chain, selectionoperation 710 determines (e.g., based on a random selection) whetherthis request will be reviewed for policy violations. Determinationoperation 715 determines whether the request was selected. Whendetermination operation 715 determines the request was not selected,determination operation 715 branches to addition operation 720 where thecontent is added once a consensus has been reached.

When determination operation 715 determines the request was selected,determination operation 715 branches to review operation 725 where thecontent is reviewed for policy violations. Generation operation 730 cantake the results from review operation 725 and generate a scoreindicative of compliance of the content with policies in place. Thescore can be submitted with the content to the content producers duringsubmission operation 735. Consensus operation 740 can apply a consensusalgorithm with a policy score modification to determine whether thecontent should be added. For example, if the policy score is indicativeof a compliance with the policies (e.g., a score that is below or abovea threshold amount or percentage), then consensus operation 740 operatesas normal whereas a policy score is indicative of a violation wouldcause the consensus algorithm to automatically fail. Determinationoperation 745 identifies the consensus results. When determinationoperation 745 determines that the content should be added, thendetermination operation 745 branches to addition operation 750 where thecontent is added. When determination operation 745 determines that thecontent should be denied, then determination operation 745 branches torefusal operation 755 where the addition of the content to theblockchain is rejected.

FIG. 8 is a flowchart illustrating an example of a set of operations 800for determining whether to add content to the blockchain in accordancewith one or more embodiments of the present technology. In theembodiments illustrated in FIG. 8, generation operation 810 uses anartificial intelligence engine to generate a policy score for randomlyselected content before the content is added to the block chain. Theartificial intelligence engine, in some embodiments, may use multiplespecialized engines (e.g., that can run in parallel) to classify and/orscore the content. For example, the artificial intelligence engine mayinclude a copyright engine to identify copyrighted content (e.g.,pictures), a misappropriations engine to identify information that maysteal personal information (e.g., phone numbers, credit card numbers,social security numbers, etc.) for large groups of people, childpornography engine to identify indecent photographs of children, and thelike. Each of these multiple specialized engines maybe weighted andcombined to generate an overall score (e.g., between 0 and 100).

Determination operation 820 determines whether the overall score iswithin a range indicating a violation, compliance, or a need for furtherreview. When determination operation 820 determines the content is inviolation, determination operation 820 branches to refusal operation 830which acts as an override of the consensus algorithm and denies additionof the content to the blockchain. When determination operation 820determines the content is in compliance, determination operation 820branches to addition operation 840 where the content is added uponconsensus from the consensus algorithm. When determination operation 820determines that further review is needed, determination operation 820branches to submission operation 850 where the content is submitted foradditional review (e.g., by additional machine learning engines,classifiers, or human review). Violation determination operation 860reviews the results from submission operation 850 and determines whetherthe content is in violation, in which case violation determinationoperation 860 branches to refusal operation 830, or whether the contentis acceptable, in which case violation determination operation 860branches to addition operation 840.

FIG. 9 illustrates an example of the various layers of a blockchainsystem 900 that may be used in accordance with various embodiments ofthe present technology. In the embodiments illustrated in FIG. 9, thesystem may include one or more overwatch agents 910, a layer ofdecentralized applications 920, a blockchain protocol layer 930, a layerof producers 940, a layer of proxies 950, and a layer of devices 960.Various embodiments of blockchain system 900 may include military gradeencryption for secure transactions and cryptographic anonymity.Overwatch agents 910 can provide continuous security assessments againstall cyber attacks in the ecosystem. Some embodiments may use big dataanalytics to monitor anonymity and anomaly detection. Some embodimentsof the big data capability allow the system to search for actionableintelligence in peta-bytes of data put into counter mode. Continuousassessment of all blockchain data, plus additional sources to ensureblockchain data, remains uncorrelated.

Some embodiments of overwatch agents 910 will continuously assess theentire network for vulnerabilities. For example, every IP address can beassessed against 155,000 threat vectors continuously. This compares bestin class commercial assessment of 90,000 threat vectors typically doneonce a year (US DoD Standard). Some embodiments can provide a variety ofstandard compliances (e.g., HIPAA, FINRA, DISA, PCI-DSS, etc.).

In some embodiments, the system may issue a set of coins (e.g.,GuardianCoins) which can be utility tokens that are the path toaccessing resources on the public blockchain. Examples of resourcesinclude, but are not limited to, bandwidth, RAM, CPU, and storage. dAppdevelopers will “stake” their tokens and are granted access to resources(e.g., bandwidth, CPU and Storage) based on the amount of tokens staked.In some embodiments, RAM may be separate from all other resourcesbecause it is precious and could be gamed/speculated on. As such, dAppdevelopers may be required to purchase RAM based on the rate theGuardianCoin Network software sets it at from an internal RAM market.The rate may be based on what the current supply of RAM is. The less RAMthat's available to purchase, the higher the price is and the higher theincentive is to sell RAM if you aren't using it. Each time someone buysor sells RAM a 1% fee may be applied (to both sides of the transaction,meaning 2% total). Such a feature helps reduce speculation (the fee isten times what a normal exchange would charge) and also serves to reducethe overall inflation as these fees collected are removed fromcirculation (e.g., burned).

Some embodiments may include a Protocol Service Pack as a PrivateBlockchain (Guardian Protocol) for customers to run within their ownenvironments. In this implementation, Bandwidth, RAM, CPU, and Storageare provided by the customer and do not incur staking or purchasingusing the tokens in the traditional way of a dApp. Use of dApps and thePrivate Blockchain are enabled through staking tokens which will coversoftware licensing and maintenance. This may be as an annualsubscription or a perpetual licensing model.

In some embodiments, all messages received by the Messaging Server arecopied to all anonymous users. Users can find their messages bycryptographically testing all received messages. As a result, monitoringthe Anonymous network cannot determine the intended message recipients.Sending private messages can be monitored but the recipients cannot bedetermined. The messaging server can exist as part of the Proxy, but canalso exist separately. In the latter case, the sender IP addresses canbe hidden from the Proxy. In some embodiments, the Anonymous network canbe extended in layers using Anonymous Proxy Servers, in which one layerhides recipients and a second layer could also hide senders. This is notthe same as P2P or Onion network since it thwarts traffic analysis.Sender IP's can also be hidden in some embodiments by separating themessaging service from the proxy. In this case, the proxy receives itsuser instructions as a messaging client.

FIG. 10 illustrates an example of various decentralized applicationsthat may be used in some embodiments of the present technology. Asillustrated in FIG. 10, the system may include a variety of dApps suchas, but not limited to, wallet dApp 1005, criminal record dApp 1010,land registry dApp 1015, classified document dApp 1020, identitymanagement dApp 1025, supply chain dApp 1030, USD linked dApp 1035,secure communications dApp 1040, and/or other dApps. In addition to thedApps the system may include proxies 1045 and block producers 1050.

Various embodiments of the ecosystem provide a wallet dApp 1005 that canbe a hub for each account holder to send and receive payments of tokens,attachments, messages, and the like while ensuring that users remainanonymous and the data encrypted and secure. Some embodiments of thewallet 1005 can have a decentralized, yet non-distributed, auditcapability to ensure that the blockchain for messaging is usedappropriately. Any image or message that is to be uploaded to theblockchain can be first analyzed locally on the account holders' devicein some embodiments. If that image or message is deemed inappropriate bythe software, the wallet may not upload that content and advise theaccount holder of the same. This localized gatekeeper functionality maynot at any time send messages or images for any centralized review, andthis will be capable of being validated easily by a user capturing theirown data traffic.

In some embodiments, the analysis may utilize machine learningalgorithms, that have been taught centrally, deployed locally, andcontained locally on remote devices, which can structure unstructureddata for local analysis to reach a determination of appropriateness. Inthis way, various embodiments can defeat the problems of content thatare universally deemed to be inappropriate and that have plaguedBitcoin. Embodiments may also be able to mitigate the “death squad”issues that would come with total anarchy. It should be expected thatthis vetting capability will not be fool-proof and there is a chancesome legitimate content will be blocked and vice versa.

Criminal record dApp 1010 can link to governmental criminal records andmay provide access to authorized personnel. Various embodiments ofcriminal record dApp 1010 would allow law agencies to access certaincriminal records between agencies ensuring the records have not beentampered (e.g., immutable records). In accordance with some embodiments,dApp 1010 may allow the overwatch agent (or other component) torecognize bad characters within the blockchain (e.g., cross-referenceknown criminals). As such, those who may be attempting to tamper or hackthe system causing certain damage to the blockchain or specific recordscan be more easily identified.

Similarly, land registry dApp 1015 can link to property records andcreate a portal for accessing these records. In accordance with someembodiments, land registry dApp 1015 is geared towards facilitiesmanagement in either the public or private sectors. As such, the recordsin the blockchain would again ensure the records or specific attributesare not changed, or if they are, they have a record (paper trail) ofsuch updates to the record.

Classified document dApp 1020, may contain a smart contract withrestrictive access (security clearance) capability that could be createdfor access to data files. A smart contract for a classified governmentdocument might allow access only if two keys are presented at the sametime: the user's key and an NSA system key. Even if a future data hackoccurs, the hacker would not be able to view the stolen documentswithout the keys from intended parties. It is estimated that with theworld's computing power it would take nearly 40 years to brute-forcedecode a single message and each message is uniquely keyed.

Identity management dApp 1025 can allow companies, governmentalagencies, and other entities to create, distribute, and even link avariety of identifiers to a single user. For example, some embodimentsof the present technology can utilize blockchain to provide radicalefficiencies in identity management, enabling government to create asingle collection of identity and authentication documents that can beused across departments. From issuing passports and national ID cards tonational health insurance/social security numbers and tax payer IDs,establishing and verifying identity is critical to both Governments andtheir citizens. A blockchain can provide radical efficiencies in theseareas, enabling government to create a single collection of identity andauthentication document that can be used across departments. Theserecords from personal identification, licenses, and property rights thatcan be made available to authorized users of the blockchain, such as taxauthorities, the police, and hospitals. The dual aspects of privacy andavailability are vital to protect personal information and make itavailable instantly only to the right departments when needed,benefitting both the citizen and government alike.

Supply chain dApp 1030 can allow a user to identify an object's preciselocation within the supply chain, and its accompanying digitizeddocumentation can be made part of a traceable permanent record. This canreduce uncertainty and increase ability to plan for infrastructureneeds, even with lean budgets.

USD linked dApp 1035 can provide a secure record of currencyfluctuations. In accordance with some embodiments, dApp 1035 may beuseful in the area of monetary policy. The fluctuations of a currency(e.g., USD) may be represented in real or digital currency, or digitalcurrencies directly backed by USD. The blockchain would capture eachfluctuation in the currency based on some type of internal or externaltrigger. The capture of such currency changes, and the capture istimestamped at a very high level of accuracy—milliseconds or evennanosecond resolution, may ensure certain currency manipulation is notoccurring. In some embodiments, the dApp can be be used to peg onecurrency to another regardless of the currencies (e.g., USD, digital,etc). Time resolution may also be used to allow the currencies to bepegged given their values at a specific time.

Transacting anonymously and securely still requires communicationbetween the transacting parties. As such, some embodiments use militarygrade messaging platforms and secure communications dApp 1040 to allowfor a truly decentralized network. Traditional government-grademessaging systems originally held their encryption keys centrally, whichcan be viewed as a weak point for institutions that are unable toprotect their encryption keys properly. Voice and messagingcommunication suites in various embodiments of the present technologycan use decentralized key management, in effect the handset creates asession key on an as needed basis. Some embodiments also provide for aprotocol to provide for fully decentralized, anonymized and encryptedmessaging and voice calls. As such, since transacting often requirescommunication between the parties, various embodiments of the presenttechnology provide a decentralized messaging capability allowing thoseparties to have the same level of anonymity and encryption in theircommunications as they do with their payments.

Verticals

Most industries require some levels of privacy, and in many cases thisis mandatory. This may range from the protection of IntellectualProperty and competitive advantage, to industry best practice or legalrequirements. When one considers industries such as healthcare, finance,and Government, to name but a few, the argument for security and privacybecomes overwhelmingly convincing.

Healthcare

In the US, administrative spending accounted for nearly 15% of allhealthcare spending in 2016 and it is estimated that two-thirds of thesecosts are related to billing and insurance. For example, insurancecompanies require care providers to gain authorization before commencingmany expensive treatments. This often means completion of anauthorization form and sending it to the insurance company who willmanually review the application and decide whether to seek moreinformation, approve, or reject the claim.

In this way, care providers and insurance companies spend between$23bn-$31bn annually processing treatment pre-authorizations alone andthe implications of tackling these types of efficiency improvementthrough blockchain are manifestly substantive. Once approved, the timeit takes to settle a healthcare claim and the determination and trackingof any deductibles and co-payments are also a major source of cost andpain. Some embodiments may utilize a smart contract dApp that couldreduce the time needed for healthcare claim processing from 7-14 days tounder 15 minutes.

The smart contract within the dApp can include detailed logic thatrepresents payer/provider contract terms, and as soon as the claim issubmitted it could be processed in real-time and payment transmitted tothe provider. In addition, various embodiments of the blockchainecosystem could: 1) introduce overall efficiency and transparency intothis heavily siloed industry by enabling governmental agencies,insurance companies, hospitals, doctors, clinics, and patients to use acommon blockchain; 2) allow health providers to share networks withoutcompromising data privacy, security, or integrity; and/or 3) manage thelifecycle of patient records via blockchain.

As one of the most privacy-sensitive data domains, this sector has aunique set of regulatory requirements related to privacy protections,primarily laid out in the U.S. under the Health Insurance Portabilityand Accountability Act (HIPAA) from 1996. Various embodiments of thepresent technology can meet these requirements through cryptographicanonymity privacy techniques and the ability to create Smart dAPPS withsecurity and privacy at their core. Plus, the safeguards from variousembodiments of the overwatch capability will make the system fully HIPAAcompliant.

Financial

Banks and other financial institutions have been looking at many ways inwhich blockchains can improve sectors which present significantinefficiencies concerning their clearing processes, operational oradministrative functions, and preventing fraud. For example, someembodiments can be used as follows:

-   -   Share certificates—The administrative process of tracking the        transfer of private company shares can be manual, expensive,        subject to errors and can expose issuers to regulatory risks. A        blockchain and a smart contract dApp could track trading and        ownership of private company shares.    -   Loans—Average settlement time for secondary trading of        syndicated loans is around one month, given that the process is        mostly manual and involves multiple counterparties. A blockchain        dApp could facilitate faster clearing and settlement of loans        and reduce manual reviews, data re-entry, and reconciliation.    -   Customer Identification—Know your customer (alternatively know        your client or ‘KYC’) is the process of a bank identifying and        verifying the identity of its clients and anti-money laundering        regulations which governs these activities. Banks are        increasingly demanding that customers provide detailed        anti-corruption due diligence information. Banks and financial        institutions often employ multiple systems to manage customer        identification, adding complexity for both customers and        employees. This makes identity validation to support customer        (KYC) compliance arduous and repetitive. Various embodiments of        the present technology can consolidate all identification        documents to improve client satisfaction, decrease duplicate        information and ease administrative effort.

Banking is heavily regulated to ensure privacy for some of the mostsensitive data for most individuals, and the compromise of this data canhave devastating consequences. Together with the U.S. Securities andExchange Commission, the Financial Industry Regulatory Authority (FINRA)regulates securities firms carrying out business in the United States.There are similar regulations globally.

Protection of financial and personal customer information is a keyresponsibility and obligation of FINRA member firms. In the UnitedStates, broker and dealers must have written policies and procedures inplace to address the protection of customer information and records. Asdetailed in FINRA's NASD Notice to Members 05-49 (SafeguardingConfidential Customer Information), the policies and procedures must bereasonably designed to:

-   -   ensure the security and confidentiality of customer records and        information;    -   protect against any anticipated threats or hazards to the        security or integrity of customer records and information; and    -   protect against unauthorized access to or use of customer        records or information that could result in substantial harm or        inconvenience to any customer.

Banks and other financial organizations also need to demonstratecompliance with the Payment Card Industries Data Security Standards(PCI-DSS). To date, this type regulatory control and sensitivity ofbanking data has restricted the ability of banks to embrace blockchainsas they would like, as the inherent transparency of blockchain and thenetworks on which hey rest are incompatible with the need to safeguardpersonally identifiable information (PII) and trade strategies.

While blockchain may help facilitate transparency from a technologicalperspective, financial organizations will seek to keep proprietarytransactional and position information anonymous and private, forcompetitive reasons. Additionally, Network Security is a criticalconsideration for a blockchain network, particularly given thedistributed nature of the network and the potential participation fromentities across the globe. This is a major challenge for blockchainnetworks.

Market participants are likely to require assurances that the network isprotected from external threats before joining, given that they may beproviding private information and engaging in financial transactionswithin the network. As with HIPAA for Healthcare, various embodimentsensure the blockchain is PCI-DSS and FINRA compliant.

Governmental

Governments across the globe are looking into blockchains to facilitate,streamline and improve efficiency in many areas and there are multipleuse cases for a secure Government blockchain. For example:

-   -   Identity Services: From issuing passports and national ID cards        to national health insurance/social security numbers and tax        payer IDs, establishing and verifying identity is critical to        both Governments and their citizens. A major pain point though        is the financial and personnel cost associated with positive and        stringent identity services. In a large part this is due to the        difficulty in linking data from siloed departments, where that        information may be in differing formats from various sources,        and the potential conflicts that can arise. A blockchain can        provide radical efficiencies in these areas, enabling government        to create a single, collection of identity and authentication        documents that can be used across departments. These records        from personal identification, licenses and property rights that        can be made available to authorized users of the blockchain,        such as tax authorities the police and hospitals. The dual        aspects of privacy and availability are vital to protect        personal information and make it available instantly only to the        right departments when needed, benefitting both the citizen and        government alike.    -   Land and property registry: Land and other government registries        are essential to ensure smooth property transactions, establish        liability, validate tax records, and verify ownership in legal        cases. Inefficiencies in government processes in this area, due        the fact the registry processes are paper-based and siloed,        leads to repetitive and error-prone data which is vulnerable to        tampering. The use of a standardized system based on blockchain        can not only increase efficiencies and a reduction in time to        process, but also reduce the number of intermediaries require        and increase trust in public trust in identities of transacting        parties in centralized, publicly held records. However, such        information must remain private between the owner of a property,        for instance, and the government, in much the same way as a        citizen would not expect their tax filings to be made public by        the tax authorities. Applying privacy and anonymity to        blockchain transactions will enable this and allow the capture        the entirety of the real estate or any other title transaction.    -   Social Security: A secure blockchain could solve two important        issues in social security payments. First, there is the physical        payment by the government and for the recipient the collection        of that social security payment; for example, in South Africa        the government will send armored vehicles to townships to hand        out social security payments in cash. However, nearly all such        recipients have smartphones and payments could be distributed        using this platform. Secondly, the blockchain could provide an        unchangeable historical record of every social security        transaction. This can be secure for the recipient but allow the        government, with the appropriate permissions, to create a        powerful audit tool. Many governments are investigating the use        of blockchain for such applications, but few have been able to        address the privacy and security implications that arise.

Information to be shared between social security recipients and thegovernment can be highly sensitive (e.g. medical records, case notes,personal identification documents). Building privacy and anonymity intothe blockchain technology can provide for a secure means for protectingthe information stored within the distributed network and determininghow and when it is used and/or shared with an immutable audit of whenthat data was accessed and by whom.

Various embodiments can provide a fully decentralized system with nocentral switch or stack. As opposed to securing a centralized switch in,for example, a Top-Secret environment, this fully decentralized systemcould offer not only better security (particularly for nations withlower grade infrastructure), but also a reduction in risk that thesystem could go down, or suffer hacking attempts and denial of serviceattacks. Its centralized system would be decentralized acrosspotentially hundreds of proxy servers in the ecosystem of the presenttechnology.

Accounts Payable

Much of the work performed by accounts payable teams stems from havinginconsistent data between the supplier and the buyer. A blockchainprovides a single version of the truth for both the supplier and buyer.Reduced risks, on-time payments and improved working capital. Withshared access to one consistent version of the truth, accountreconciliation and inquiries could become obsolete. Therefore, cycletimes could also be expedited from days to minutes, enabling buyers ooffer earlier payment programs to their suppliers and help ensure thatpayments are managed according to the payment terms.

Fewer disputes and associated benefits such as verifiable and auditableledger systems can mean fewer risks for suppliers and customers. Withaccess to enterprise blockchains, suppliers could gain visibility intothe blockchain platform, verify the payment status and ensure timelypayments. And it's not only the Accounts Payable function in anorganization that can be dramatically optimized through the use ofblockchains, this can extend to the entire supply chain as well:

-   -   From raw materials to distribution to after-sale support,        understanding the location and flow of products within an        organization supply chain is critical—and not only for        maximizing efficiency.    -   Consumers demand transparency on where and how products are made        and regulators around the world require information about supply        chains—with penalties for noncompliance.    -   Beyond the need for information, complex supply chains depend on        trust to function properly. But distrust between organizations        has historically discouraged them from sharing or relying on        shared data.

Blockchain solutions can remedy that with a shared, permissioned recordof ownership, location and movement of parts and goods. That sharedrecord can increase efficiency, transparency and trust for any business.Disparate record-keeping and reporting systems can lead to scattered,incomplete and unreliable manifests, bills of lading, certifications,etc. In addition, supply chain intelligence is knowing more than wheregoods are at any given moment. To find the source of flawed parts orcomponent failures, being able to trace the origin and provenance ofpreviously shipped goods is critical. With blockchain-stored records,all relevant information can be simultaneously and securely available tosender, receiver, shipper and regulators and these records reflect aproduct's geographic flow and how it was treated. With a blockchain youcan examine sources, investigate industry certifications, trackrestricted or dangerous components, discover storage condition anomaliesand more.

While a blockchain ledger can solve a large number of accounts payableand supply chain problems, transparency to the degree that anyone canfollow a company's purchases, or the flow of its supply chain can leadto a lack of competitive advantage and worse. This is a critical issuefor weak blockchain code on a weak network. For example, if anyone couldexplore Apple's supply chain and could see that it is suddenly sourcing5-inch OLED panels and knew where they were coming from, the secrecyaround its new iPhone would be destroyed. It would give Apple'scompetition plenty of time to match (or improve on) the features of thenew product and any first mover advantage would be lost. Whilecommercially this would be a major issue, imagine the advantages to anation such as Russia or China, studying the USA's defense supply chain.Various embodiments of the present technology provide a needed solution.

Exemplary Computer System Overview

Aspects and implementations of the overwatch ecosystem of the disclosurehave been described in the general context of various steps andoperations. A variety of these steps and operations may be performed byhardware components or may be embodied in computer-executableinstructions, which may be used to cause a general-purpose orspecial-purpose processor (e.g., in a computer, server, or othercomputing device) programmed with the instructions to perform the stepsor operations. For example, the steps or operations may be performed bya combination of hardware, software, and/or firmware.

FIG. 11 is a block diagram illustrating an example machine representingthe computer systemization of various components of the overwatchecosystem. The component 1100 may be in communication with entitiesincluding one or more users 1125 client/terminal devices 1120 (e.g.,devices 110A-110N), user input devices 1105, peripheral devices 1110, anoptional co-processor device(s) (e.g., cryptographic processor devices)1115, and networks 1130 (e.g., 120 and 130 in FIG. 1). Users may engagewith the component 1100 via terminal devices 1120 over networks 1130.

Computers may employ central processing unit (CPU) or processor toprocess information. Processors may include programmable general-purposeor special-purpose microprocessors, programmable controllers,application-specific integrated circuits (ASICs), programmable logicdevices (PLDs), embedded components, combination of such devices and thelike. Processors execute program components in response to user and/orsystem-generated requests. One or more of these components may beimplemented in software, hardware or both hardware and software.Processors pass instructions (e.g., operational and data instructions)to enable various operations.

The component 1100 may include clock 1165, CPU 1170, memory such as readonly memory (ROM) 1185 and random access memory (RAM) 1180 andco-processor 1175 among others. These subcomponents may be connected toa system bus 1160, and through the system bus 1160 to an interface bus1135. Further, user input devices 1105, peripheral devices 1110,co-processor devices 1115, and the like, may be connected through theinterface bus 1135 to the system bus 1160. The interface bus 1135 may beconnected to a number of interface adapters such as processor interface1140, input output interfaces (I/O) 1145, network interfaces 1150,storage interfaces 1155, and the like.

Processor interface 1140 may facilitate communication betweenco-processor devices 1115 and co-processor 1175. In one implementation,processor interface 1140 may expedite encryption and decryption ofrequests or data. Input output interfaces (I/O) 1145 facilitatecommunication between user input devices 1105, peripheral devices 1110,co-processor devices 1115, and/or the like and components of thecomponent 1100 using protocols such as those for handling audio, data,video interface, wireless transceivers, or the like (e.g., Bluetooth,IEEE 1394a-b, serial, universal serial bus (USB), Digital VisualInterface (DVI), 802.11a/b/g/n/x, cellular, etc.). Network interfaces1150 may be in communication with the network 1130. Through the network1130, the component 1100 may be accessible to remote terminal devices1120. Network interfaces 1150 may use various wired and wirelessconnection protocols such as, direct connect, Ethernet, wirelessconnection such as IEEE 802.11a-x, and the like.

Examples of network 1130 include the Internet, Local Area Network (LAN),Metropolitan Area Network (MAN), a Wide Area Network (WAN), wirelessnetwork (e.g., using Wireless Application Protocol WAP), a securedcustom connection, and the like. The network interfaces 1150 can includea firewall which can, in some aspects, govern and/or manage permissionto access/proxy data in a computer network, and track varying levels oftrust between different machines and/or applications. The firewall canbe any number of modules having any combination of hardware and/orsoftware components able to enforce a predetermined set of access rightsbetween a particular set of machines and applications, machines andmachines, and/or applications and applications, for example, to regulatethe flow of traffic and resource sharing between these varying entities.The firewall may additionally manage and/or have access to an accesscontrol list which details permissions including, for example, theaccess and operation rights of an object by an individual, a machine,and/or an application, and the circumstances under which the permissionrights stand. Other network security functions performed or included inthe functions of the firewall, can be, for example, but are not limitedto, intrusion-prevention, intrusion detection, next-generation firewall,personal firewall, etc., without deviating from the novel art of thisdisclosure.

Storage interfaces 1155 may be in communication with a number of storagedevices such as, storage devices 1190, removable disc devices, and thelike. The storage interfaces 1155 may use various connection protocolssuch as Serial Advanced Technology Attachment (SATA), IEEE 1394,Ethernet, Universal Serial Bus (USB), and the like.

User input devices 1105 and peripheral devices 1110 may be connected toI/O interface 1145 and potentially other interfaces, buses and/orcomponents. User input devices 1105 may include card readers, fingerprint readers, joysticks, keyboards, microphones, mouse, remotecontrols, retina readers, touch screens, sensors, and/or the like.Peripheral devices 1110 may include antenna, audio devices (e.g.,microphone, speakers, etc.), cameras, external processors, communicationdevices, radio frequency identifiers (RFIDs), scanners, printers,storage devices, transceivers, and/or the like. Co-processor devices1115 may be connected to the component 1100 through interface bus 1135,and may include microcontrollers, processors, interfaces or otherdevices.

Computer executable instructions and data may be stored in memory (e.g.,registers, cache memory, random access memory, flash, etc.) which isaccessible by processors. These stored instruction codes (e.g.,programs) may engage the processor components, motherboard and/or othersystem components to perform desired operations. The component 1100 mayemploy various forms of memory including on-chip CPU memory (e.g.,registers), RAM 1180, ROM 1185, and storage devices 1190. Storagedevices 1190 may employ any number of tangible, non-transitory storagedevices or systems such as fixed or removable magnetic disk drive, anoptical drive, solid state memory devices and other processor-readablestorage media. Computer-executable instructions stored in the memory mayinclude one or more program modules such as routines, programs, objects,components, data structures, and so on that perform particular tasks orimplement particular abstract data types. For example, the memory maycontain operating system (OS) component 1195, modules and othercomponents, database tables, and the like. These modules/components maybe stored and accessed from the storage devices, including from externalstorage devices accessible through an interface bus.

The database components can store programs executed by the processor toprocess the stored data. The database components may be implemented inthe form of a database that is relational, scalable and secure. Examplesof such database include DB2, MySQL, Oracle, Sybase, and the like.Alternatively, the database may be implemented using various standarddata-structures, such as an array, hash, list, stack, structured textfile (e.g., XML), table, and/or the like. Such data-structures may bestored in memory and/or in structured files.

The component 1100 may be implemented in distributed computingenvironments, where tasks or modules are performed by remote processingdevices, which are linked through a communications network, such as aLocal Area Network (“LAN”), Wide Area Network (“WAN”), the Internet, andthe like. In a distributed computing environment, program modules orsubroutines may be located in both local and remote memory storagedevices. Distributed computing may be employed to load balance and/oraggregate resources for processing. Alternatively, aspects of thecomponent 1100 may be distributed electronically over the Internet orover other networks (including wireless networks). Those skilled in therelevant art(s) will recognize that portions of the overwatch ecosystemmay reside on a server computer, while corresponding portions reside ona client computer. Data structures and transmission of data particularto aspects of the component 1100 are also encompassed within the scopeof the disclosure.

CONCLUSION

Unless the context clearly requires otherwise, throughout thedescription and the claims, the words “comprise,” “comprising,” and thelike are to be construed in an inclusive sense, as opposed to anexclusive or exhaustive sense; that is to say, in the sense of“including, but not limited to.” As used herein, the terms “connected,”“coupled,” or any variant thereof means any connection or coupling,either direct or indirect, between two or more elements; the coupling orconnection between the elements can be physical, logical, or acombination thereof. Additionally, the words “herein,” “above,” “below,”and words of similar import, when used in this application, refer tothis application as a whole and not to any particular portions of thisapplication. Where the context permits, words in the above DetailedDescription using the singular or plural number may also include theplural or singular number respectively. The word “or,” in reference to alist of two or more items, covers all of the following interpretationsof the word: any of the items in the list, all of the items in the list,and any combination of the items in the list.

The above Detailed Description of examples of the technology is notintended to be exhaustive or to limit the technology to the precise formdisclosed above. While specific examples for the technology aredescribed above for illustrative purposes, various equivalentmodifications are possible within the scope of the technology, as thoseskilled in the relevant art will recognize. For example, while processesor blocks are presented in a given order, alternative implementationsmay perform routines having steps, or employ systems having blocks, in adifferent order, and some processes or blocks may be deleted, moved,added, subdivided, combined, and/or modified to provide alternative orsubcombinations. Each of these processes or blocks may be implemented ina variety of different ways. Also, while processes or blocks are attimes shown as being performed in series, these processes or blocks mayinstead be performed or implemented in parallel, or may be performed atdifferent times. Further any specific numbers noted herein are onlyexamples: alternative implementations may employ differing values orranges.

The teachings of the technology provided herein can be applied to othersystems, not necessarily the system described above. The elements andacts of the various examples described above can be combined to providefurther implementations of the technology. Some alternativeimplementations of the technology may include not only additionalelements to those implementations noted above, but also may includefewer elements.

These and other changes can be made to the technology in light of theabove Detailed Description. While the above description describescertain examples of the technology, and describes the best modecontemplated, no matter how detailed the above appears in text, thetechnology can be practiced in many ways. Details of the system may varyconsiderably in its specific implementation, while still beingencompassed by the technology disclosed herein. As noted above,particular terminology used when describing certain features or aspectsof the technology should not be taken to imply that the terminology isbeing redefined herein to be restricted to any specific characteristics,features, or aspects of the technology with which that terminology isassociated. In general, the terms used in the following claims shouldnot be construed to limit the technology to the specific examplesdisclosed in the specification, unless the above Detailed Descriptionsection explicitly defines such terms. Accordingly, the actual scope ofthe technology encompasses not only the disclosed examples, but also allequivalent ways of practicing or implementing the technology under theclaims.

To reduce the number of claims, certain aspects of the technology arepresented below in certain claim forms, but the applicant contemplatesthe various aspects of the technology in any number of claim forms. Forexample, while only one aspect of the technology is recited as acomputer-readable medium claim, other aspects may likewise be embodiedas a computer-readable medium claim, or in other forms, such as beingembodied in a means-plus-function claim. Any claims intended to betreated under 35 U.S.C. § 112(f) will begin with the words “means for”,but use of the term “for” in any other context is not intended to invoketreatment under 35 U.S.C. § 112(f). Accordingly, the applicant reservesthe right to pursue additional claims after filing this application topursue such additional claim forms, in either this application or in acontinuing application.

What is claimed is:
 1. A system comprising: a distributed multi-ledgersystem (DMLS) having a set of block producers that can validatetransactions to be added to a distributed ledger; a proxy assigned to agroup of endpoints, wherein each proxy endpoint within the group ofendpoints routes all transactions and communications through an assignedproxy; and an overwatch agent configured to receive network trafficrouted through the assigned proxy and to identify threat vectors.
 2. Thesystem of claim 1, wherein the proxy includes a masking agent toidentify and encrypt sensitive data within the transactions beforetransmitting the transactions to one of the set of block producers. 3.The system of claim 2, wherein the proxy includes a routing agent torandomly select, for each of the transactions, a block producer from aset of block producers to which each of the transactions is routed. 4.The system of claim 1, wherein the overwatch agent includes: aningestion interface to receive the network traffic; a monitoring engineto monitor the network traffic and identify threats; a machine learningengine to identify a baseline network model and classify networktraffic; and an alert system to communicate threats identified by themonitoring engine to the proxy or DMLS.
 5. The system of claim 1,wherein the transactions include cryptocurrency transactions.
 6. Thesystem of claim 1, further comprising one or more miners to tap thenetwork traffic by passive tapping or inline tapping.
 7. The system ofclaim 1, wherein the overwatch agent is further configured to assessboth transaction data submitted by an endpoint for recordation on ablockchain of the DMLS, and a point of interaction with the blockchainof the endpoint.
 8. The system of claim 7, wherein the overwatch agentis further configured to identify threat vectors in the absence of anyintermission in routing transactions and communications.
 9. A systemcomprising: a distributed multi-ledger system (DMLS) having a set ofblock producers for validating transactions to be added to a distributedledger; a proxy assigned to a group of proxy endpoints, wherein eachproxy endpoint within the group of proxy endpoints routes alltransactions and communications through an assigned proxy, and whereinat least one proxy endpoint of the group of proxy endpoints connects tothe assigned proxy as an anonymous endpoint; and an overwatch agentconfigured to receive network traffic routed through the assigned proxyand to identify threat vectors.
 10. The system of claim 9, wherein atleast some of the transactions and communications contain personallyidentifiable information (PII) associated with users of proxy endpointsin the group, and wherein the overwatch agent is further configured toidentify information in the network traffic constituting a PIImisappropriation threat.
 11. The system of claim 9, wherein the assignedproxy is configured to: classify content in the network trafficaccording to a generated policy score for the content, and add thecontent to a blockchain of the DMLS in response to a compliant policyscore being generated for the content.
 12. The system of claim 11,wherein the policy score is generated for the content by an artificialintelligence engine.
 13. The system of claim 11, wherein the content isclassified and scored according to a presence or absence of at least oneof: copyrighted content, PII content, and indecent content.
 14. Thesystem of claim 11, wherein the assigned proxy is further configured torandomly select content from the network traffic for classification andscoring.
 15. The system of claim 9, wherein the assigned proxy server isconfigured to anonymize at least some of the data of the transactionsand communications by masking PII associated with a user of the at leastone proxy endpoint.
 16. A system comprising: a distributed multi-ledgersystem (DMLS) having a set of block producers that can validatetransactions to be added to a distributed ledger; a plurality of proxyservers respectively assigned to endpoint groups, wherein each endpointwithin an endpoint group routes all transactions and communicationsthrough an assigned proxy server, and wherein at least one endpoint ofthe endpoint group connects to the assigned proxy anonymously; and anoverwatch agent configured to receive network traffic routed through theassigned proxy and to identify threat vectors.
 17. The system of claim16, wherein the transactions and communications are routed from eachendpoint through the assigned proxy server as messages to one or moreblock producers of the set of block producers.
 18. The system of claim17, wherein at least some of the messages contain personallyidentifiable information (PII) of a user associated with the at leastone endpoint, and wherein the assigned proxy server is configured tomask the PII prior to routing the at least some of the messages to theone or more block producers.
 19. The system of claim 18, wherein theassigned proxy server is further configured to mask the PII beforetransaction data contained in the at least some of the messages isrecorded in a blockchain of the DMLS.
 20. The system of claim 18,wherein the PII includes at least one of: a name, a credit card number,a telephone number, and a social security number.
 21. The system ofclaim 16, wherein two are more of the plurality of proxies are assignedto one or more of the endpoint groups.
 22. The system of claim 16,wherein the transactions and communications of each endpoint are routedthrough the assigned proxy in the absence of sharing data of thetransactions and communications with proxies other than the assignedproxy.
 23. A system comprising: a distributed multi-ledger system (DMLS)having a plurality of block producers for validating transactions to beadded to a distributed ledger; a plurality of proxy servers incommunication with the block producers, and endpoints of the pluralityof proxy servers, and configured to determine whether a message sent bya proxy endpoint was intended for a respective proxy server, wherein themessage sent by the proxy endpoint is routed to the DMLS through anassigned proxy server selected from a subset of the plurality of proxyservers in response to determining that the message was intended for oneor more of the proxy servers of the subset, and wherein the assignedproxy server is configured to anonymize at least some of the datacontained in the message prior to routing the message to the DMLS; andan overwatch agent configured to receive network traffic routed throughthe assigned proxy server and to identify threat vectors.
 24. The systemof claim 23, wherein the message contains transaction data, and whereinthe assigned proxy server is further configured to select one of theplurality of block producers for routing the transaction to.
 25. Thesystem of claim 23, wherein the message contains transaction data, andwherein the assigned proxy server is further configured to anonymize theat least some of the data contained in the message by masking personallyidentifiable information associated with a user of the proxy endpoint inthe at some of the data.
 26. The system of claim 23, wherein theassigned proxy server is further configured to select one of theplurality of block producers for routing the message to.
 27. The systemof claim 26, wherein the assigned proxy server is further configured torandomly select the one block produced from among the plurality of blockproducers.
 28. The system of claim 23, wherein the subset of theplurality of proxy servers is selected from a fixed set of two or moreproxy servers of the plurality of proxy servers.
 29. The system of claim28, wherein a composition of proxy servers of the fixed set is changedover time.
 30. The system of claim 23, wherein the subset of theplurality of proxy servers is randomly selected from two or more of theplurality of proxy servers.